Email this

We hate spam. The information you've entered will not be shared or sold.

Email sent

Your link to 'Comcast Business IP Gateway and Static IP overview' has been sent!

Introduction

Comcast's IP Gateway (Comcast's firewall, switch and static IP-capable modem) is all you need to take advantage of a static IP and built-in firewall features. Find out what you can do with a static IP, along with the additional features available on the IP Gateway device. Static IP support, in most cases, includes support for both IPv4 and IPv6.

Note: Some earlier makes and models of Comcast Business IP Gateways do not support IPv6.

Using a static vs. a dynamic IP address

A static IP address is manually configured. This manual configuration prevents the IP address from changing as dynamic addresses do. A static IP will allow you to run an email, web or VPN server, from a device behind the Comcast modem (Gateway), with a static routable (publicly accessible) IP address.

A dynamic IP address, for IPv4 and IPv6, has the potential to change at any given interval. Normally, a lease time is assigned to the IP address and, once it has expired, there is a chance a different IP address will be assigned to the device.

Static IPv4 prefixes can be ordered in blocks of 1, 5 and (in select areas) 13 for an additional monthly charge. Static IPv6 prefixes are allocated in a single size for all Business IP Gateway customers, the size being a /56. A /56 provides several millions of addresses. Once ordered, a custom configuration containing the static IP range is remotely configured to the Comcast IP Gateway with no additional hardware required for you to connect it to your equipment (server, firewall, etc.). For IPv6, no custom configuration is required on the Business IP Gateway since the provisioning of the IPv6 prefix is managed by Comcast.

Use your static IPs to run a server - IPv4

Your server or firewall (connected to the modem) should be configured with the following settings:

IP address: The IP addresses which can be assigned to equipment connected to the Comcast IP Gateway will be given to you once it is built.

Subnet mask:

A CIDR /30 (or 1 static IP) - 255.255.255.252

A /29 (or 5 static IPs) - 255.255.255.248

A /28 (or 13 static IPs) - 255.255.255.240

Gateway IP: This is a static IP address, in addition to the number of ordered IPs, which is assigned to the Comcast modem (IP Gateway). By default, it is the last IP in the range loaded on the Comcast Gateway.

Use your static IPs to run a server - IPv6

Your server or firewall (connected to the modem) should be configured with the following settings:

IP address: Identify the IPv6 prefix assigned to the LAN of the Business IP Gateway, this is typically a /64 even though your gateway is allocated a /56. From the /64 configured on the LAN of the Business IP Gateway select the bits desired for the interface identified on the server (essentially the lower 64 bits of the IPv6 address).

The mask for the LAN of the Business IP Gateway will most always be a /64.

Default IPv6 Gateway will be dynamically learned by IPv6 compliant and enabled hosts connected to the LAN of the Business IP Gateway. The default gateway for IPv6 is no longer learned or transmitted using DHCPv6, IPv6 router discovery is how hosts or nodes learn their IPv6 default gateway. The IPv6 default gateway will be the IPv6 link local address of the LAN interface of the Business IP Gateway.

Comcast IP Gateway features

If your specific needs do not require a static IP you may have the option to provide your own standalone cable modem. However, by utilizing the Comcast-provided Gateway you have the option to attach a separate router or hardware firewall, or utilize the built-in firewall functionality provided by the Comcast IP Gateway.

The Comcast IP Gateway's firewall offers:

Support for both IPv4 and IPv6

Stateful packet inspection (SPI)

Port forwarding (up to 35 forwards)

Port blocking

Port triggering (up to 50)

Keyword blocking (up to 50)

The Comcast firewall will not provide DQOS control or bandwidth usage data. For those functions we recommend that you add your own router with firewall capabilities.

Comcast can configure the Gateway according to customer specifications. However, we will only disable a customer's firewall and DHCP service on the Gateway upon request.

Port forwarding

With port forwarding, internet traffic sent to a specified public IP address on the specified port is redirected to a local private IP address. Port forwarding rules can be set up that will allow you to run servers from your private LAN IP subnet.

Note:Port forwarding is not applicable to static public IPs outside of local devices configured for 1-to-1 NAT (forwards all traffic destined to the specified public IP to a private IP).

Port forwarding allows you to use the static IP address that is configured to the Comcast IP Gateway (gateway IP) effectively giving you an additional IP address beyond the number of addresses paid for.

Network your computers

You can attach your computers to the IP Gateway using it as your DHCP server for IPv4 and IPv6. Stateless IPv6 address auto-configuration is also supported by Business IP Gateways. It has 4 available ports and can support up to 256 for IPv4 (by default, this is set to 189) networked devices, however bandwidth needs may necessitate limiting the number of simultaneous connections.